Frljiang123

**Name of the Vulnerable Software and Affected Versions** yashpokharna2555 StudentManagementSystem (affected versions not specified) **Description** A weakness in the `/success.php` file allows for remote SQL injection, which is a technique where malicious SQL statements are inserted into entry fields for execution. The issue is triggered by the manipulation of the `User` argument. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the `/success.php` file or avoid using the `User` parameter until the issue is resolved.